Add annotations to allow or deny use-cases access.

Florian THIERRY
2023-11-30 15:45:16 +01:00
parent 920fbe489d
commit a8046a1227
4 changed files with 32 additions and 5 deletions


@@ -1,6 +1,5 @@
package org.sportshub.application.configuration;
import static org.sportshub.domain.user.model.UserRole.ADMIN;
import static org.springframework.http.HttpMethod.GET;
import static org.springframework.http.HttpMethod.OPTIONS;
import static org.springframework.http.HttpMethod.POST;
@@ -9,6 +8,7 @@ import org.sportshub.application.security.JwtAuthenticationFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
@@ -23,6 +23,7 @@ import static jakarta.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
@Configuration
@EnableWebSecurity
@EnableMethodSecurity(securedEnabled = true)
public class SecurityConfiguration {
@Bean
public SecurityFilterChain securityFilterChain(
@@ -45,10 +46,6 @@ public class SecurityConfiguration {
"/api/health/check",
"/error"
).permitAll()
.requestMatchers(
GET,
"/api/users"
).hasAuthority(ADMIN.name())
.requestMatchers(
POST,
"/api/users/login"
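Review bot: Deleting the `GET /api/users` → `hasAuthority(ADMIN.name())` matcher leaves the `@AllowedToAdmins` method annotation as the only guard on that listing, and the two do not agree on the authority string: the removed rule matched a bare `ADMIN` authority while the new annotation's expression matches `ROLE_ADMIN`, so unless the JwtAuthenticationFilter (not visible here) emits the `ROLE_`-prefixed form, admins will start receiving 403 on this endpoint. I would keep a coarse URL rule as defense in depth, e.g. `.requestMatchers("/api/users/**").authenticated()` placed after the `POST /api/users/login` matcher, so a use-case method that forgets its annotation is not reachable anonymously; what `anyRequest()` falls through to is outside this hunk. Minor: `securedEnabled = true` only enables `@Secured`, which nothing in this commit uses — `@EnableMethodSecurity` on its own already activates `@PreAuthorize`.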


@@ -0,0 +1,14 @@
package org.sportshub.application.security.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import org.springframework.security.access.prepost.PreAuthorize;
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@PreAuthorize("hasAuthority('ROLE_' + T(org.sportshub.domain.user.model.UserRole).ADMIN.name())")
public @interface AllowedToAdmins {
}
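Review bot: The `@PreAuthorize` expression hard-codes a `ROLE_` prefix, so it matches only an authority literally named `ROLE_ADMIN`, whereas the rule this commit removes from SecurityConfiguration compared against `ADMIN.name()` without the prefix; one of the two spellings cannot match what the JWT filter puts into the Authentication, and the spelling should be settled in one place. If the filter grants `ROLE_`-prefixed authorities, `@PreAuthorize("hasRole(T(org.sportshub.domain.user.model.UserRole).ADMIN.name())")` says that without string concatenation; if it grants bare names, drop the `'ROLE_' +`. Please also add Javadoc along the lines of `/** Restricts the annotated use-case method to principals holding the ADMIN authority. Enforced by Spring method security, so the owning class must be a proxied bean and the call must not be a self-invocation. */`, and consider `@Documented` so the restriction appears in generated API docs.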


@@ -0,0 +1,14 @@
package org.sportshub.application.security.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import org.springframework.security.access.prepost.PreAuthorize;
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@PreAuthorize("permitAll()")
public @interface AllowedToAnonymous {
}
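Review bot: `permitAll()` admits every caller, authenticated or not, so the name `AllowedToAnonymous` overstates what the annotation enforces — it does not limit the method to anonymous principals (that would be `isAnonymous()`), and the check is identical to leaving the method unannotated, since `@EnableMethodSecurity` denies nothing by default. That makes the annotation purely declarative, which is fine as a marker of intent as long as the Javadoc says so, e.g. `/** Marks a use-case method as deliberately open to any caller, including unauthenticated ones. Equivalent to having no method-security check; present so that unprotected methods are visibly intentional. */`. No usage of it appears in this commit, so whether anything relies on it is not visible here.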


@@ -5,6 +5,7 @@ import java.util.Optional;
import java.util.UUID;
import org.sportshub.application.security.JwtService;
import org.sportshub.application.security.annotation.AllowedToAdmins;
import org.sportshub.domain.exception.LoginFailureException;
import org.sportshub.domain.user.model.User;
import org.sportshub.domain.user.port.UserPort;
@@ -31,6 +32,7 @@ public class UserUseCases {
return userPort.findById(userId);
}
@AllowedToAdmins
public List<User> findAll() {
return userPort.findAll();
}
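Review bot: `@AllowedToAdmins` on `findAll()` is only enforced when `UserUseCases` is a Spring-managed bean invoked through its proxy; a call from another method of this class (self-invocation) or from code that constructs the use case directly bypasses the `@PreAuthorize` check entirely, and whether this class is a bean is not visible in the hunk. `findById` just above it shows no annotation in the visible lines (its signature is outside the hunk, so one there would not show), and with the URL-level admin rule gone any unannotated method here is unrestricted at the method layer; if that is intended for `findById` it deserves the `@AllowedToAnonymous` marker this commit introduces, otherwise it needs a guard too. A test that calls `findAll()` through the proxy with a non-admin Authentication and expects `AccessDeniedException`, plus one with the admin authority expecting success, would pin the authority spelling, which differs between the new annotation (`ROLE_ADMIN`) and the deleted `hasAuthority(ADMIN.name())` rule.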